Kyivstar experienced a large-scale malfunction in December 2023, resulting in the outage of mobile communications and the internet for about 24 million users for several days.
Ilya Vityuk, the chief of the Security Service of Ukraine's cyber security department, told Reuters that the attack's aim was to inflict a psychological blow on the public and gather intelligence information.
Reuters writes this is most likely the first instance of a catastrophic cyberattack that destroyed a telecoms operator's core.
This happened despite Kyivstar's significant investment in cyber security.
The SBU discovered that hackers attempted to break into Kyivstar in March or earlier.
He leaves open the possibility that during the attack, Russian hackers may have located phones, intercepted SMS conversations, stolen personal information, and possibly stolen Telegram accounts.
Kyivstar disputes the SBU's assessment of potential breaches, claiming that customer data was not exposed.
The SBU further revealed that attempts continued to launch additional cyber attacks to inflict greater harm even after the provider's operations were resumed.
The damage of the provider's system makes it difficult to investigate the situation at this time.
The SBU thinks that a gang of Sandworm hackers, a cyberwarfare unit of Russian military intelligence, may have been responsible for the attack.
According to Vityuk, SBU investigators are still trying to figure out how Kyivstar was hacked and what kind of tools or software might have been used to get inside the system.
They also indicated that it might have been phishing, insider help, or something else entirely.
This incident didn't have a significant impact on us in terms of missile and drone detection, he concluded.
The SBU issues a warning, stating that there's a chance that Russian hackers might try to attack Ukrainian cell operators again.
This Cyber News was published on www.cysecurity.news. Publication date: Sun, 07 Jan 2024 14:43:05 +0000